A basic list can also be found at the developers site. If anybody is looking for a German list, this can be found here (disclosure: I'm the author of the linked book, which is also available for download here as epub/pdf/mobi for free).
–
IzzyFeb 12 '13 at 22:45

The lists below are great, but would be better for users if each permission included a correlation to what is seen in the Play Store or at install time.
–
CatShoesApr 3 '13 at 15:11

2 Answers
2

This is all the available permissions that an application can require. Of this list, there are some that can only be "requested" by "System" applications. Applications that are not system applications will not be able to request permissions to "System Permissions". Only applications that are in the /system/app location and signed with the System key can request these specific system permissions.

These are the names that are used by the developer of the application to request the permission, but the name that is displayed when installing should have some similar wording to the name.

Permissions

ACCESS_CHECKIN_PROPERTIES

Allows read/write access to the "properties" table in the (Unix security)
checkin database, to change values that get uploaded.

Group: LOCATION

Level: SYSTEM

ACCESS_COARSE_LOCATION

Allows an app to access approximate location derived from network location
sources such as cell towers and Wi-Fi.

Group: LOCATION

This permission is usually used by applications that display location based
ads by publishers like Admob (Google).

ACCESS_FINE_LOCATION

Allows an app to access precise location from location sources such as GPS,
cell towers, and Wi-Fi.

Group: LOCATION

This permission can be used by applications that display location based ads
by publishers like Admob (Google). It is also used by applications that want
your exact location. Examples would be Navigation applications, "Check-In"
apps like 4square.

ACCESS_LOCATION_EXTRA_COMMANDS

Allows an application to access extra location provider commands.
A good example for poor documentation, as even books on Android application
development state: The Android documentation doesn’t tell us
which location commands are “extra,” so we’ll ask for all of them.

Group: LOCATION

ACCESS_MOCK_LOCATION

Allows an application to create mock location providers for testing, and is
intended for development use in e.g. the Android Emulator (to save the dev
from having to run around to check if positions are displayed correctly).
Cases where this is needed in an app ready for endusers should be rare.

This allows an application to fake the location information.

Group: LOCATION

ACCESS_NETWORK_STATE

Allows applications to access information about networks.

Information including if a network is available (or just connecting), what
type of network the device is connected to, if any (WiFi, 3G, LTE), if it's
in Roaming, and also reasons for a failed connection attempt (if any).

Good use: The application may check the state of your connection before
trying to access the internet, and e.g. restrict itself to WiFi for some
actions.

Bad use: Only in combination with other permissions (e.g. data collection for
profiling).

Group: NETWORK

ACCESS_SURFACE_FLINGER

Allows an application to use SurfaceFlinger's low level features.
SurfaceFlinger is part of Android's media framework. It provides a
compositor which takes care for rendering in frame buffers (so this has to
do with graphics).

Group: SYSTEM_TOOLS

Level: SYSTEM

ACCESS_WIFI_STATE

Allows applications to access information about Wi-Fi networks

Group: NETWORK

This could be requested by any application that uses internet access. The
application may check the state of your connection before trying to access
the internet.

Good/Bad use: See ACCESS_NETWORK_STATE above.

ACCOUNT_MANAGER

Allows applications to call into AccountAuthenticators. Only
the system can get this permission.
An account-manager is the service working behind the scenes and taking care
everything works as expected.

Group: ACCOUNTS

Level: SYSTEM

This permission is reserved for system apps.

ADD_VOICEMAIL (4.0+)

Allows an application to add voicemails into the system.

Group: PERSONAL_INFO

AUTHENTICATE_ACCOUNTS

Allows an application to act as an AccountAuthenticator for the
AccountManager

Group: ACCOUNTS

This is for applications that would authenticate you to their service.
An app using this permission usually provides an interface to deal with a
certain account type (which is not known by the pre-installed Android
system), such as Dropbox. As shipped, Android does not know how to login to
Dropbox and how to deal with a Dropbox account – so the Dropbox app provides
the mechanism. Additionally, an "account authenticator" might restrict the
actions an app can perform with the account (so it would e.g. be possible to
administrate this via some web interface offered by the service).

BATTERY_STATS

Allows an application to collect battery statistics

Battery widgets and other battery information tools use this permission

Group: SYSTEM_TOOLS

BIND_APPWIDGET

Allows an application to tell the AppWidget service which application can
access AppWidget's data. The normal user flow is that a user picks an
AppWidget to go into a particular host, thereby giving that host application
access to the private data from the AppWidget app. An application that has
this permission should honor that contract. Very few applications should
need to use this permission.

Group: PERSONAL_INFO

Level: SYSTEM

BIND_DEVICE_ADMIN (2.2+)

Must be required by device administration receiver, to ensure that only the
system can interact with it.

Group: SYSTEM_TOOLS

Level: SYSTEM

BIND_INPUT_METHOD

Must be required by an InputMethodService, to ensure that only the system
can bind to it.

Group: SYSTEM_TOOLS

Level: SYSTEM

BIND_REMOTEVIEWS (3.0+)

Must be required by a RemoteViewsService, to ensure that only the system can
bind to it.

Level: SYSTEM

BIND_TEXT_SERVICE (4.0+)

Must be required by a TextService (e.g. SpellCheckerService) to ensure that
only the system can bind to it.

Group: SYSTEM_TOOLS

Level: SYSTEM

BIND_VPN_SERVICE (4.0+)

Must be required by a Vpn Service, to ensure that only the system can bind
to it.

Group: SYSTEM_TOOLS

Level: SYSTEM

BIND_WALLPAPER (2.2+)

Must be required by a WallpaperService, to ensure that only the system can
bind to it.

Group: SYSTEM_TOOLS

Level: SYSTEM

BIND_*

many more like the above for different services, like NFC, PrintService, and
others

BLUETOOTH

Allows applications to connect to paired bluetooth devices

Group: NETWORK

BLUETOOTH_ADMIN

Allows applications to discover and pair bluetooth devices

Group: SYSTEM_TOOLS

BLUETOOTH_PRIVILEGED (4.4+)

Allows applications to pair bluetooth devices without user interaction. This
is not available to third party applications.

BRICK

Required to be able to disable the device

Group: SYSTEM_TOOLS

Level: SYSTEM

BROADCAST_PACKAGE_REMOVED

Allows an application to broadcast a notification that an application
package has been removed.

Group: SYSTEM_TOOLS

Level: SYSTEM

BROADCAST_SMS

Allows an application to broadcast an SMS receipt notification

Group: MESSAGES

Level: SYSTEM

BROADCAST_STICKY

Allows an application to broadcast sticky intents. These are
broadcasts whose data is held by the system after being finished,
so that clients can quickly retrieve that data without having
to wait for the next broadcast.

Group: SYSTEM_TOOLS

BROADCAST_WAP_PUSH

Allows an application to broadcast a WAP PUSH receipt notification

Group: MESSAGES

Level: SYSTEM

CALL_PHONE

Allows an application to initiate a phone call without going through the Dialer user interface for the user to confirm the call being placed.

Group: COST_MONEY

This will allow the application to "prompt" you to place a call. You will not have to enter the number, but you will have to place the "call" button. You will be able to see the number that is being called.

CALL_PRIVILEGED

Allows an application to call any phone number, including emergency
numbers, without going through the Dialer user interface for the user
to confirm the call being placed.

Group: MESSAGES

Level: SYSTEM

CAMERA

Required to be able to access the camera device.

Group: HARDWARE_CONTROLS

Any application that uses the rear or front cameras.

CAPTURE_AUDIO_OUTPUT (4.4+)

Allows an application to capture audio output. Not for use by third-party
applications.

CAPTURE_SECURE_VIDEO_OUTPUT (4.4+)

Allows an application to capture secure video output. Not for use by
third-party applications.

CAPTURE_VIDEO_OUTPUT (4.4+)

Allows an application to capture video output. Not for use by third-party
applications.

CHANGE_COMPONENT_ENABLED_STATE

Allows an application to change whether an application component (other than
its own) is enabled or not.

Group: SYSTEM_TOOLS

Level: SYSTEM

CHANGE_CONFIGURATION

Allows an application to modify the current configuration, such
as locale.

Group: SYSTEM_TOOLS

CHANGE_NETWORK_STATE

Allows applications to change network connectivity state

Group: SYSTEM_TOOLS

CHANGE_WIFI_MULTICAST_STATE

Allows applications to enter Wi-Fi Multicast mode

Group: SYSTEM_TOOLS

CHANGE_WIFI_STATE

Allows applications to change Wi-Fi connectivity state

Group: SYSTEM_TOOLS

CLEAR_APP_CACHE

Allows an application to clear the caches of all installed
applications on the device.

Group: SYSTEM_TOOLS

CLEAR_APP_USER_DATA

Allows an application to clear user data

Group: SYSTEM_TOOLS

Level: SYSTEM

CONTROL_LOCATION_UPDATES

Allows enabling/disabling location update notifications from
the radio. Not for use by normal applications.

Group: LOCATION

Level: SYSTEM

DELETE_CACHE_FILES

Allows an application to delete cache files.

Group: SYSTEM_TOOLS

Level: SYSTEM

DELETE_PACKAGES

Allows an application to delete packages.

Group: SYSTEM_TOOLS

Level: SYSTEM

DEVICE_POWER

Allows low-level access to power management

Group: SYSTEM_TOOLS

Level: SYSTEM

DIAGNOSTIC

Allows applications to RW to diagnostic resources.

Group: SYSTEM_TOOLS

Level: SYSTEM

DISABLE_KEYGUARD

Allows applications to disable the keyguard

Group: SYSTEM_TOOLS

DUMP

Allows an application to retrieve state dump information from system
services.

Group: SYSTEM_TOOLS

Level: SYSTEM

EXPAND_STATUS_BAR

Allows an application to expand or collapse the status bar.

Group: SYSTEM_TOOLS

FACTORY_TEST

Run as a manufacturer test application, running as the root user.
Only available when the device is running in manufacturer test mode.

Group: SYSTEM_TOOLS

Level: SYSTEM

FLASHLIGHT

Allows access to the flashlight

Group: HARDWARE_CONTROLS

Allows application to control the LED flash from the camera and have it act like a flashlight.

FORCE_BACK

Allows an application to force a BACK operation on whatever is the top
activity.

Group: SYSTEM_TOOLS

Level: SYSTEM

GET_ACCOUNTS

Allows access to the list of accounts in the Accounts Service

Applications that require some type of authentication from accounts that are
"connected" to the device. A list of the accounts are ususally displayed so
you can choose the account to use with the application. To really use those
credentials, the USE_CREDENTIALS permission is required.

Allows an application to get information about the currently or recently
running tasks: a thumbnail representation of the tasks, what activities are
running in it, etc. Bad cop: spy for possible security leaks (vulnerable
apps), data collection. Good cop: check whether the app's own service is
running, show recently used apps (task-switcher).

Group: SYSTEM_TOOLS

GET_TOP_ACTIVITY_INFO (4.3+)

Allows an application to retrieve private information about the current top
activity, such as any assist context it can provide. Not for use by
third-party applications.

GLOBAL_SEARCH

This permission can be used on content providers to allow the global
search system to access their data. Typically it used when the
provider has some permissions protecting it (which global search
would not be expected to hold), and added as a read-only permission
to the path in the provider where global search queries are
performed. This permission can not be held by regular applications;
it is used by applications to protect themselves from everyone else
besides global search.

Group: SYSTEM_TOOLS

Level: SYSTEM

HARDWARE_TEST

Allows access to hardware peripherals. Intended only for hardware testing

Group: HARDWARE_CONTROLS

INJECT_EVENTS

Allows an application to inject user events (keys, touch, trackball)
into the event stream and deliver them to ANY window. Without this
permission, you can only deliver events to windows in your own process.
Very few applications should need to use this permission.

Group: SYSTEM_TOOLS

Level: SYSTEM (or APPLICATION ONLY)

INSTALL_LOCATION_PROVIDER

Allows an application to install a location provider into the Location Manager

Group: LOCATION

INSTALL_PACKAGES

Allows an application to install packages.

Group: SYSTEM_TOOLS

Level: SYSTEM

INSTALL_SHORTCUT (4.4+)

Allows an application to install a shortcut in Launcher (Homescreen)

INTERACT_ACROSS_USERS (4.4+?)

Allows an application to call APIs that allow it to do interactions across the users on the device, using singleton services and user-targeted broadcasts. This permission is not available to third party applications.

Provides protected read access to external storage. In Android 4.1 by
default all applications still have read access. This changed with
Android 4.4 (API level 19), which now requires that applications explicitly
request read access using this permission. If an application already
requests write access, it will automatically get read access as well.

Group: STORAGE

READ_FRAME_BUFFER

Allows an application to take screen shots and more generally get access to
the frame buffer data

This permission gives access to your device's identifiers (IMEI/IMSI),
SIM ID, voice mailbox number, your phone number and, if a call is in
progress, the remote number. It's not required for things like
call state (whether a call is in progress/pending), network operator, or
the network provider used – according to the app permission.READ_PHONE_STATE, which shows what this permission is needed for (and what not)

automatically granted to apps targeted at Android 1.6 or before

good use: ???

bad use: you can be tracked across networks via your IMSI/IMEI/phone number

neutral use: targeted ads (service can see what ads have already been
displayed on your device, and don't need to be displayed again, for example)

Check the app permission.READ_SMS to see what information can be obtained with this permission.

READ_SOCIAL_STREAM (4.0+)

Allows an application to read from the user's social stream.

Group: PERSONAL_INFO

READ_SYNC_SETTINGS

Allows applications to read the sync settings

Group: SYSTEM_TOOLS

READ_SYNC_STATS

Allows applications to read the sync stats

Group: SYSTEM_TOOLS

READ_USER_DICTIONARY (4.1+)

Allows an application to read the user dictionary. This should really only
be required by an IME, or a dictionary editor like the Settings app.

Group: PERSONAL_INFO

REBOOT

Required to be able to reboot the device

Group: SYSTEM_TOOLS

Level: SYSTEM

RECEIVE_BOOT_COMPLETED

Allows an application to receive the
ACTION_BOOT_COMPLETED that is broadcast after the system
finishes booting. If you don't request this permission, you will not
receive the broadcast at that time. Though holding this permission does not
have any security implications, it can have a negative impact on the
user experience by increasing the amount of time it takes the system to
start and allowing applications to have themselves running without the user
being aware of them. As such, you must explicitly declare your use of this
facility to make that visible to the user.

Group: SYSTEM_TOOLS

RECEIVE_EMERGENCY_BROADCAST

Allows an application to receive emergency cell broadcast messages,
to record or display them to the user. Reserved for system apps.

Group: MESSAGES

Level: SYSTEM

Pending API council approval

RECEIVE_MMS

Allows an application to monitor incoming MMS messages, to record
or perform processing on them.

Group: MESSAGES

RECEIVE_SMS

Allows an application to monitor incoming SMS messages, to record
or perform processing on them.

Allows an application (Phone) to send a request to other applications to
handle the respond-via-message action during incoming calls. Not for use by
third-party applications.

SEND_SMS

Allows an application to send SMS messages.

Group: COST_MONEY

SEND_SMS_NO_CONFIRMATION

Allows an application to send SMS messages via the Messaging app with no
user input or confirmation.

Group: COST_MONEY

Level: SYSTEM

SET_ACTIVITY_WATCHER

Allows an application to watch and control how activities are started
globally in the system.

Group: SYSTEM_TOOLS

Level: SYSTEM

SET_ALARM (2.3+)

Allows an application to broadcast an Intent to set an alarm for the
user.

Group: PERSONAL_INFO

SET_ALWAYS_FINISH

Allows an application to control whether activities are immediately
finished when put in the background.

Group: DEVELOPMENT_TOOLS

SET_ANIMATION_SCALE

Modify the global animation scaling factor.

Group: SYSTEM_TOOLS

SET_DEBUG_APP

Configure an application for debugging.

Group: DEVELOPMENT_TOOLS

SET_ORIENTATION

Allows low-level access to setting the orientation (actually rotation) of
the screen. Not for use by normal applications.

Group: SYSTEM_TOOLS

Level: SYSTEM

SET_POINTER_SPEED (3.2+)

Allows low-level access to setting the pointer speed. Not for use by normal
applications.

Group: SYSTEM_TOOLS

Level: SYSTEM

SET_PREFERRED_APPLICATIONS

deprecated No longer useful

Group: SYSTEM_TOOLS

SET_PROCESS_LIMIT

Allows an application to set the maximum number of (not needed)
application processes that can be running.

Group: DEVELOPMENT_TOOLS

SET_TIME (2.2+)

Allows applications to set the system time

Group: SYSTEM_TOOLS

Level: SYSTEM

SET_TIME_ZONE

Allows applications to set the system time zone

Group: SYSTEM_TOOLS

SET_WALLPAPER

Allows applications to set the wallpaper

Group: SYSTEM_TOOLS

SET_WALLPAPER_HINTS

Allows applications to set the wallpaper hints

Group: SYSTEM_TOOLS

SIGNAL_PERSISTENT_PROCESSES

Allow an application to request that a signal be sent to all persistent
processes

Group: DEVELOPMENT_TOOLS

STATUS_BAR

Allows an application to open, close, or disable the status bar and its
icons.

Group: SYSTEM_TOOLS

Level: SYSTEM

SUBSCRIBED_FEEDS_READ

Allows an application to read the subscribed feeds ContentProvider.

Group: SYSTEM_TOOLS

SUBSCRIBED_FEEDS_WRITE

Allows an application to write to the subscribed feeds ContentProvider.

Group: SYSTEM_TOOLS

SYSTEM_ALERT_WINDOW

Allows an application to open windows using the type
TYPE_SYSTEM_ALERT, shown on top of all other applications.
Very few applications should use this permission; these windows are intended
for system-level interaction with the user.

Group: SYSTEM_TOOLS

continue heretoo many characters (Body is limited to 30000 characters), so it had to be split

What is the reason (or idea) of copy-pasting official Android doc???
–
ArtemStorozhukJan 25 '13 at 20:58

3

@Astor, That is not a copy/paste from the android docs. While some of it is information from there, show me where in the docs that it says what group they live in or if they can ONLY be requested by SYSTEM applications.
–
Ryan ConradJan 25 '13 at 20:59

1

It would be kind of cool, and possibly helpful to less technical users who find this through google, if each of the permissions included a "good" use case and a "bad" use case. For example: Read\Write SMS - Good: Allows a program to act as your text messaging program. Bad: Allows a program to send and receive text message without your knowledge.
–
Wesley WiserJan 31 '13 at 20:22

I find no reference/link back to the official Android document from your answer. Would be greater if you would add one.
–
Nam G VUAug 22 '13 at 3:41

2

@NamG.VU That's because this isn't taken directly from any place directly off the web. It comes from multiple places, one of which could be the android docs (but not really), another is comments through out the android source code, and is experience using/developing with the permissions.
–
Ryan ConradAug 22 '13 at 14:03

Permissions (continued)

Allows an application to uninstall a shortcut in Launcher (Homescreen)

UPDATE_DEVICE_STATS

Allows an application to update device statistics. Not for use by third
party apps.

Group: SYSTEM_TOOLS

Level: SYSTEM

USE_CREDENTIALS

Allows an application to request authtokens from the AccountManager

Group: ACCOUNTS

This app may use the "credentials" to log into an account. In most cases,
"credentials" just means the corresponding authenticator creates a fitting
token and hands that over (though, how to deal with that is left to the
authenticator). When using an account for the first time, the Account
Manager should make sure the user is asked whether he permits this.

Allows an application to write (but not read) the user's browsing history
and bookmarks.

Group: PERSONAL_INFO

WRITE_OWNER_DATA

WRITE_PROFILE (4.0+)

Allows an application to write (but not read) the user's personal profile
data.

Group: PERSONAL_INFO

WRITE_SECURE_SETTINGS

Allows an application to read or write the secure system settings.

Group: SYSTEM_TOOLS

Level: SYSTEM

WRITE_SETTINGS

Allows an application to read or write the system settings.

Group: SYSTEM_TOOLS

WRITE_SMS

Allows an application to write SMS messages.

Group: MESSAGES

WRITE_SOCIAL_STREAM (4.0+)

Allows an application to write (but not read) the user's social stream data.

Group: PERSONAL_INFO

WRITE_SYNC_SETTINGS

Allows applications to write the sync settings

Group: SYSTEM_TOOLS

WRITE_USER_DICTIONARY (4.1+)

Allows an application to write to the user dictionary.

Group: PERSONAL_INFO

Groups

The individual permissions above fall in to one (or more) of the following permission groups:

ACCOUNTS

Permissions for direct access to the accounts managed
by the Account Manager.

AFFECTS_BATTERY

APP_INFO

AUDIO_SETTINGS

BLUETOOTH_NETWORK

BOOKMARKS

CALENDAR

CAMERA

COST_MONEY

Used for permissions that can be used to make the user spend without their direct involvement. For example, this is the group for permissions that allow you to directly place phone calls, directly send SMS messages, etc.

DEVELOPMENT_TOOLS

Group of permissions that are related to development features. These
are not permissions that should appear in normal applications; they
protect APIs that are intended only to be used for development
purposes.

DEVICE_ALARMS

DISPLAY

HARDWARE_CONTROLS

Used for permissions that provide direct access to the hardware on
the device. This includes audio, the camera, vibrator, etc.

LOCATION

Used for permissions that allow access to the user's current
location.

MESSAGES

Used for permissions that allow an application to send messages
on behalf of the user or intercept messages being received by the
user. This is primarily intended for SMS/MMS messaging, such as
receiving or reading an MMS.

MICROPHONE

NETWORK

Used for permissions that provide access to networking services. The
main permission here is internet access, but this is also an
appropriate group for accessing or modifying any network configuration
or other related network operations.

PERSONAL_INFO

Used for permissions that provide access to the user's private data,
such as contacts, calendar events, e-mail messages, etc. This includes
both reading and writing of this data (which should generally be
expressed as two distinct permissions).

PHONE_CALLS

Used for permissions that are associated with accessing and modifyign
telephony state: intercepting outgoing calls, reading
and modifying the phone state. Note that
placing phone calls is not in this group, since that is in the
more important "takin' yer moneys" group.

SCREENLOCK

SOCIAL_INFO

STATUS_BAR

STORAGE

Group of permissions that are related to SD card access.

SYNC_SETTINGS

SYSTEM_CLOCK

SYSTEM_TOOLS

Group of permissions that are related to system APIs. Many
of these are not permissions the user will be expected to understand,
and such permissions should generally be marked as "normal" protection
level so they don't get displayed. This can also, however, be used
for miscellaneous features that provide access to the operating system,
such as writing the global system settings.